Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/25 8:18 p.m.22 views

CVE-2026-6450 CRL critical extension bypass in ParseCRL_Extensions

A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when pars...

1CVSS0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : openssl-1.0.0-20.AXS4 (AXSA:2012-14:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-14:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

5CVSS8.2AI score0.05012EPSS
Exploits0References2
NVD
NVD
added 2021/07/19 5:15 p.m.21 views

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

5.3CVSS0.00907EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2010/03/25 10:31 a.m.6 views

gnutls: gnutls_x509_crt_get_serial incorrect serial decoding from ASN1 (BE64) [GNUTLS-SA-2010-1]

The gnutlsx509crtgetserial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1readvalue with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list CRL check and cau...

7.5CVSS6.2AI score0.02944EPSS
Exploits1References4
Cvelist
Cvelist
added 2008/10/22 5:0 p.m.25 views

CVE-2008-4679

The Web Services Security component in IBM WebSphere Application Server WAS 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists CRL, does not call the setRevocationEnabled method on the PKIXBuilderParameters object,...

6.4AI score0.01559EPSS
Exploits1References7
Cvelist
Cvelist
added 2007/11/06 9:0 p.m.21 views

CVE-2007-4994

Certificate Server 7.2 in Red Hat Certificate System RHCS does not properly handle new revocations that occur while a Certificate Revocation List CRL is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to...

6.5AI score0.01112EPSS
Exploits0References8
Rows per page
Query Builder